SFTP implementation-level notes

some of the server implementations appear to be buggy and/or not totally
spec compliant.

SFTP is a “subsystem” mechanism of SSH, slightly vaguely defined at the
connection protocol (RFC-4254) layer of the SSH arch. first you have to
open a session, then you can start a shell, execution of some command, or a
“predefined subsystem” on the server. SFTP is one of the latter.

it turns out there are actually a whole bunch of different SFTP versions,
not one of which appears to have made it to an official RFC number from
IETF; all remain personal or official drafts. oh, and the only “SFTP” that
actually got an RFC number, RFC-913 (from 1984), is not it. :)

to make things more interesting, SFTP versions are NOT exactly backwards
compatible, so v3, v4 and v5 modes need to be explicitly supported. the
differences are minor and mostly incremental, but still…

SFTP v3 (2001, 29p.; drafts -00 through -02 incrementally refine the
definition of v3 of the protocol) seems to be the most popular and widely
implemented, including by openssh. some servers added custom extensions
(statvfs@openssh.com, hardlink@openssh.com; and yup, those are the names!).

SFTP v6 (8 drafts between 2004 and 2006, culminating in 60p -13) seems to
be a design-by-committee monster of a spec, twice as large as the v3, and -
predictably - saw no meaningful adoption.

at least since v3, SFTP includes support for “vendor extensions”, some of
which were actually defined in the various SFTP drafts themselves, coming
and going through the revisions. some of those seem handy, e.g.:

copy-file (ProFTPD/mod_sftp) - server side copy?

check-file (standard ext, methinks) - file hashing - this extension allows
a client to easily check if a file (or portion thereof) already matches
what is on the server.

space-available - this extension provides a way to discover the available
space.

in 2006 there was a belated effort to standardize the extensions, but this
came during the later, v6 days of the protocol, and it refs draft -10 as
the base protocol. dunno about its adoption status, but it’s unlikely.

today, stock OpenSSH server actually has 2 SFTP implementations, the
differences between which are mostly relevant to the users (think chroot):

the original standalone ‘sftp-server’ binary, to be forked by sshd, which
you can force by putting something like the following in your
sshd_config (you’ll need to find where the binary lives first, it’s not
in the $PATH):

    Subsystem sftp /usr/lib/openssh/sftp-server

the more recent internal subsystem ‘internal-sftp’, which you can force
by the following config instead:

    Subsystem sftp internal-sftp

OpenSSH extensions, bugs and non-standard hacks were documented by the
libssh folks at some point in the past, but keep in mind that that’s the
pot calling the kettle black.